Sr lead Cybersecurity Architect

Job Description

Description

Join one of the world's most influential companies and leverage your skills in cybersecurity to have a real impact on the Payments industry.

As a Sr. Lead Cybersecurity Architect at JPMorgan Chase within the Cybersecurity and Technology Controls organization, you are an architect & trusted advisor working with developers, architects, and technology teams supporting our Payments organization. In this role, you will partner with internal customers, to ensure the World-Class solutions being built are designed and brought to life securely.

You will be a trusted advisory to project and product leads, and a technical resource capable of going deep when needed. This role will support internal technologists around the globe in support of business growth, adoption of modern technologies, and varying technology integrations.

Job Responsibilities:

• Core technical contributor and expected to apply your expertise in cybersecurity engineering, application, cryptography, and architecture domains to operate as the security-lead part of projects and initiatives supporting Payments. Define, Design, and Guide security throughout existing and future payment technology environments.
• Work with internal technology team to ensure security and compliance is designed from-the-start for modern technology stacks such as point-of-sale devices (POS), device key and identity management, public cloud connectivity, API gateways, & hybrid environments.
• Advise and assist on opportunities for architectural patterns, repeatability, and advise on deviations. In this context, a strong understanding of security tooling is important as you as you will advise your stakeholders on how and where to leverage various security products to mitigate risk.
• Research, design and apply advanced security techniques such as threat modeling and structured architecture reviews.
• Translate and advise on technical designs that must meet risk profile and compliance needs in a global context. Including cross-border, data sovereignty, and design/advise to ensure our tech teams meet respective regulatory requirements applicable to their workloads.
• Partnering with our Commercial and Investment Bank and other technical teams to ensure area owners are advise and oversee security design and implementation, applied in a timely manner. Providing regular management reporting to senior management and relevant stakeholders in business units.
• Design security solutions to manage risk for new and emerging technologies in the Payments space.
• Perform threat modelling to identify potential security risks and develop mitigation strategies. Use your knowledge of applicable regulatory requirements such as PCI-DSS, HIPAA, etc. to design secure architectures that both meet security, risk, and compliance requirements.

Required Qualifications, Capabilities, and Skills:

• Formal training or certification on cybersecurity architecture concepts and 5+ years applied experience.

This role will provide security support for new and emerging technologies in the Payments space, so having professional curiosity to learn new technologies, and aptitude to support new and emerging technologies, while driving priorities with autonomy, will be highly important.

• Practical working knowledge of, or experience architecting and providing security guidance inline with industry frameworks applicable to Payments (ie: PCI-DSS, HIPAA, etc.).
• Hands-on experience in threat modeling and designing secure controls for enterprise-level solutions. Thorough design and security architecture experience in one or more of the large public cloud providers. (e.g. AWS, Azure, Google Cloud) Certifications advantageous.
• Cryptography experience in regard to key and secrets management for point-of-sale (POS) devices, IoT devices or peripherals. Experience designing secure solutions specific to hybrid connectivity both in house across platforms and cloud providers.
• Experience designing secure solutions specific securing (payments) flows between 3 rd parties or business partners.
• Experience with Point of Sale (POS) device security, key management, identity, and interconnectivity with third parties, hybrid, and on-prem ecosystems. In-depth knowledge of the financial services industry and their IT systems

Preferred Qualifications, Capabilities, and Skills:

• Security architecture role or responsibilities at large enterprise, global scale.
• Experience working with AI models and complex distributed data sets. API Gateway security expertise.
• Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management, and data protection . Risk management, governance, risk & compliance experience – preferably intersected with technical design and architectural inputs.
• Experience managing Identity and Access Management (IAM) in an enterprise and hybrid environments.
• Experience conducting architecture reviews to find and evaluate application and infrastructure security risks using formalized Threat Modeling methodologies (e.g., STRIDE). Experience in Application Security, background in penetration testing will be helpful in this role

#CTC

About Us

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans

About the Team

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.